4.7.2 Security

Manual Transmittal

October 14, 2015

Purpose

(1) This transmits a revised IRM 4.7.2, Examination Returns Control System (ERCS), Security.

Material Changes

(1) IRM 4.7.11, System Administrator and Database Administrator, was made obsolete and part of the contents were incorporated into this IRM. The remaining contents were incorporated into IRM 4.7.1, Overview.

(2) Minor editorial changes have been made throughout this IRM. Also, website addresses and IRM references were reviewed and updated as necessary.

(3) Significant changes to this IRM are reflected in the table below:

Reference | Description
IRM 4.7.2.1 (4) | UNAX information updated to include securing ERCS reports promptly from printers and information on the creation of audit trails.
IRM 4.7.2.2 (1) | Added a bullet for Resolving ERCS access issues.
IRM 4.7.2.2.1 | Added paragraphs (3) and (4) to explain the background check requirements.
IRM 4.7.2.2.1 (8) | Added that employees in the RPO may have ERCS access.
IRM 4.7.2.2.2 (1) | Added a note explaining the procedures when LB&I employees need access to multiple groups within LB&I.
IRM 4.7.2.2.2 (3) | Updated the table because of the SB/SE re-organization.
IRM 4.7.2.2.2 (4) | Removed the examples. They were not needed since it would be rare.
IRM 4.7.2.2.2 (5) | Added whistleblower employees to users who need HQ approval prior to gaining access to ERCS.
IRM 4.7.2.2.3 | Updated section explaining how to input an Online 5081 for ERCS.
IRM 4.7.2.2.4 (1) | Updated the ERCS Location Codes for Login Names and Printer Groups table for the changes in the printer groups.
IRM 4.7.2.2.5 | This section was incorporated into IRM 4.7.2.4 and updated. The following section was renumbered.
IRM 4.7.2.2.6 (2) | Renumbered to IRM 4.7.2.2.5 (2). Updated to include instructions for the Online 5081.
IRM 4.7.2.2.6 (3) | Updated to include instructions for users who need to input a second Online 5081 for a name change.
IRM 4.7.2.3.1 (4) | Added instructions for employees with pseudonyms.
IRM 4.7.2.3.2 (2), (3), (4) | Sections referencing ERCS Access records were deleted. It was out of scope for this IRM. The following paragraphs were renumbered.
IRM 4.7.3.1 (5), (6) | Moved to IRM 4.7.3.2.
IRM 4.7.2.3.2 | This section was re-organized for a better flow and updated.
IRM 4.7.2.3.2.1 | This section for Recommended Permissions was added.
IRM 4.7.2.4 | The section for System Security Responsibilities was added.
IRM 4.7.2.5 | The section for Getting Help was added.
IRM 4.7.2.6 | The section for Resources was added.

Effect on Other Documents

IRM 4.7.2 dated August 2, 2012 is superseded.

Audience

Small Business and Self Employed (SB/SE), Large Business and International (LB&I), and National Headquarters employees in the Return Preparer Office, Whistleblower Office, and National Research Program who use ERCS.

Effective Date

(10-14-2015)

Diego Rubin de Celis
Supervisory Program Analyst, Business Re-Engineering
Small Business/Self-Employed

Overview

  1. This section discusses ERCS security and procedures for controlling and maintaining ERCS access.

  2. All ERCS users, their managers, and ERCS support personnel (including system administrators, database administrators and ERCS developers) should be familiar with this IRM to ensure they are aware of the system security features and the requirements for ERCS access.

  3. For security issues concerning record of tax enforcement results (ROTER) information, see the Section 1204 Website. IRM 1.5, Managing Statistics in a Balanced Measurement System, provides further guidelines for the appropriate use of statistics by managers and employees.

  4. Users must be aware of the potential for Unauthorized Access of Taxpayer Accounts (UNAX) violations from the use of ERCS. Data from ERCS should be accessed only for IRS business purposes. Users should promptly retrieve ERCS reports from printers or fax machines in order to prevent unintentional disclosure. Audit trails are created and subject to review for all user accesses of taxpayer data. For more information about UNAX, see IRM 10.5, Privacy Information Protection.

ERCS Access

  1. This section discusses the requirements for obtaining and maintaining access to ERCS programs and data including:

    • Meeting the prerequisites

    • Choosing the Online 5081

    • Completing the Online 5081

    • Setting ERCS login names and passwords

    • Maintaining ERCS passwords

    • Requesting a change in login name

    • Resolving ERCS access issues

Meeting the Prerequisites

  1. A background check must be completed on permanent IRS employees requesting ERCS access before their Online 5081 request is approved.

  2. Interns and cooperative education students may be given ERCS access, if hired for a position where ERCS access is required to accomplish their official duties. For these users a background check must be initiated, but it does not have to be completed, prior to granting the employee access to ERCS.

  3. Volunteers from the Wounded Warrior Program may be given ERCS access if it is required based on the position they have been selected to fill. If the user is with the IRS longer than 6 months, a background check must be initiated. (The background check is marked as initiated on the Online 5081 if the user's fingerprints have been received.) These users have background checks as part of their service in the military.

  4. For other special IRS initiatives where an exception to the background check may be granted, contact a HQ ERCS analyst.

  5. Employees must have completed a UNAX Briefing and UNAX Certification prior to being given access to ERCS data. The employee's manager is responsible for ensuring this has been completed prior to signing the Online 5081.

  6. Employees hired into a position requiring ERCS access are granted access on the approval of their managers and the Audit Information Management System (AIMS)/ERCS support staff. These positions include:

    • Exam group managers in SB/SE and their administrative staff

    • Team managers in LB&I and their administrative staff

    • Territory managers (TMs) and Area Directors in SB/SE and their administrative staff

    • Territory managers, Directors of Field Operations (DFOs), and Industry Directors in LB&I and their administrative staff

    • Planning and Special Programs (PSP) Section Chiefs and selected members of their staff

    • Technical Services (TS) managers and selected members of their staff

    • Joint Committee Review (JCR) managers and their administrative staff

    • National Quality Review Staff (NQRS) managers and their administrative staff

    • Quality Measures and Analysis (QMA) managers and their administrative staff

    • LB&I Quality Measurement System (LQMS) managers and their administrative staff

    • Centralized Case Processing (CCP) managers and selected members of their staff

    • Return Preparer Office (RPO) managers and their administrative staff

    • AIMS/ERCS staff

    • Headquarters (HQ) ERCS analysts

      Note:

      An employee detailed into a position above or temporarily acting for an employee in a position above may also be granted access for the duration of the detail or acting assignment.

  7. An employee may be granted access on the approval of his or her manager and a HQ ERCS analyst if there is justification that access is needed in order to perform the user's official duties. These employees include the following:

    • SB/SE and LB&I HQ analysts

    • Return Preparer Office analysts

    • National Research Program (NRP) analysts

    • Treasury Inspector General for Tax Administration (TIGTA) employees

  8. Managers must ensure that their employees are only given ERCS access if their job requires it. Managers must also ensure access is removed timely when the employee no longer requires ERCS access to perform his or her job. Permissions must be restricted so the employee only has what is necessary in order to perform his or her official duties.

Choosing the Online 5081

  1. To obtain access to ERCS, employees must complete an Online 5081. Employees may need to complete more than one Online 5081 for ERCS if permission is needed in more than one area or in both LB&I and SB/SE. If the employee requires more than one Online 5081 for ERCS, the first one should be submitted within the user's support area. The user should wait until given a login and password to the system before submitting additional requests to other areas. There is an exception for HQ analysts, NRP analysts, whistleblower employees, and TIGTA employees. Refer to IRM 4.7.2.2.2 (5) for Online 5081 procedures for these employees.

    Note:

    When an LB&I user needs access to multiple groups within LB&I only one Online 5081 needs to be input. It should be for the area that supports the user.

  2. ERCS users are supported by the AIMS/ERCS staff located in the user's local area or CCP campus, with the exception of employees in Fraud/Bank Secrecy Act (BSA), International Individual Compliance (IIC), RPO, the Whistleblower Office, and TIGTA. Fraud/BSA, IIC, and RPO users have their own AIMS/ERCS support staff. Whistleblower employees are supported by Area 206, Western. Employees in TIGTA are supported by the area or campus where their access has been granted. Refer to the AIMS-ERCS Personnel Listing by State for support contact information.

  3. It is important to select the correct Online 5081 ERCS application because each one is routed to the local AIMS/ERCS staff for approval and the creation of the user's ERCS employee record and permissions. The following chart shows all the ERCS applications for requesting ERCS access. Except for HQ analysts, NRP analysts, whistleblower employees, and TIGTA employees, the following chart should be used to determine a user's initial Online 5081 selection for ERCS access. For these employees refer to IRM 4.7.2.2.2 (5).

    ERCS Online 5081 applications

    Online 5081 ERCS application | Location of User | Business Operating Division of User | Access needed for returns in
    ERCS-TCC-LB&I-OGDEN CCP | Ogden Campus | SB/SE - CCP | CCP in Ogden
    ERCS-TCC-SBSE-CINCY CCP | Cincinnati Campus | SB/SE - CCP | CCP in Cincinnati
    ERCS-TCC-SBSE-MEMPHIS CCP | Memphis Campus | SB/SE - CCP | CCP in Memphis
    ERCS-TCC-SBSE-AREA 201-NORTH ATLANTIC | Connecticut, Maine, Massachusetts, New Hampshire, New Jersey, New York, Rhode Island, Vermont | SB/SE, excluding TS | Area 201
    ERCS-TCC-SBSE-AREA 201-NORTH ATLANTIC | Connecticut, Maine, Massachusetts, New Hampshire, New York, Rhode Island, Vermont | SB/SE - TS | Area 201
    ERCS-TCC-SBSE-AREA 202-CENTRAL | Delaware, District of Columbia, Indiana, Kentucky, Maryland, Ohio, Pennsylvania, Tennessee, Virginia, West Virginia | SB/SE, excluding TS | Area 202
    ERCS-TCC-SBSE-AREA 202-CENTRAL | Kentucky, Michigan, New Jersey, Ohio, Pennsylvania, West Virginia | SB/SE - TS | Area 202
    ERCS-TCC-SBSE-AREA 203-SOUTH ATLANTIC | Florida, Georgia, North Carolina, South Carolina | SB/SE, excluding TS | Area 203
    ERCS-TCC-SBSE-AREA 203-SOUTH ATLANTIC | Delaware, District of Columbia, Florida, Maryland, North Carolina, South Carolina, Virginia | SB/SE - TS | Area 203
    ERCS-TCC-SBSE-AREA 204-MIDWEST | Illinois, Iowa, Kansas, Michigan, Minnesota, Missouri, Nebraska, North Dakota, South Dakota, Wisconsin | SB/SE, excluding TS | Area 204
    ERCS-TCC-SBSE-AREA 204-MIDWEST | Illinois, Indiana, Iowa, Kansas, Minnesota, Missouri, Nebraska, North Dakota, South Dakota, Wisconsin | SB/SE - TS | Area 204
    ERCS-TCC-SBSE-AREA 205-GULF STATES | Alabama, Arkansas, Louisiana, Mississippi, Oklahoma, Texas | SB/SE, excluding TS | Area 205
    ERCS-TCC-SBSE-AREA 205-GULF STATES | Alabama, Arkansas, Georgia, Louisiana, Mississippi, Oklahoma, Tennessee, Texas | SB/SE - TS | Area 205
    ERCS-TCC-SBSE-AREA 206-WESTERN | Alaska, California (Northern), Colorado, Idaho, Montana, Nevada, Oregon, Utah, Washington, Wyoming | SB/SE, excluding TS | Area 206
    ERCS-TCC-SBSE-AREA 206-WESTERN | Alaska, Arizona, Colorado, Hawaii, Idaho, Montana, Nevada, New Mexico, Oregon, Utah, Washington, Wyoming | SB/SE - TS | Area 206
    ERCS-TCC-SBSE-AREA 207-SOUTHWEST | Arizona, California (Southern), Hawaii, New Mexico | SB/SE, excluding TS | Area 207
    ERCS-TCC-SBSE-AREA 207-SOUTHWEST | California | SB/SE - TS | Area 207
    ERCS-TCC-SBSE-AREA 212-EMPLOYMENT | Any Location | SB/SE - Employment Tax | Area 212
    ERCS-TCC-SBSE-AREA 213-ESTATE & GIFT | Any Location | SB/SE - Estate & Gift | Area 213
    ERCS-TCC-SBSE-AREA 214-EXCISE | Any Location | SB/SE - Excise | Area 214
    ERCS-TCC-SBSE-AREA 217 BSA/FRAUD | Any Location | SB/SE - Fraud/BSA | Area 217 (Fraud or BSA)
    ERCS-TCC-SBSE-AREA 218 RPO | Any Location | RPO | Area 218 (RPO)
    ERCS-TCC-LB&I 201-NORTH ATLANTIC | Connecticut, Maine, Massachusetts, New Hampshire, New Jersey, New York, Rhode Island, Vermont | LB&I | LB&I
    ERCS-TCC-LB&I 202-CENTRAL | Delaware, District of Columbia, Indiana, Kentucky, Maryland, Ohio, Pennsylvania, Tennessee, Virginia, West Virginia | LB&I | LB&I
    ERCS-TCC-LB&I 203-SOUTH ATLANTIC | Florida, Georgia, North Carolina, South Carolina | LB&I | LB&I
    ERCS-TCC-LB&I 204-MIDWEST | Illinois, Iowa, Kansas, Michigan, Minnesota, Missouri, Nebraska, North Dakota, South Dakota, Wisconsin | LB&I | LB&I
    ERCS-TCC-LB&I 205-GULF STATES | Alabama, Arkansas, Louisiana, Mississippi, Oklahoma, Texas | LB&I | LB&I
    ERCS-TCC-LB&I 206-WESTERN | Alaska, California (Northern), Colorado, Idaho, Montana, Nevada, Oregon, Utah, Washington, Wyoming | LB&I | LB&I
    ERCS-TCC-LB&I 207-SOUTHWEST | Arizona, California (Southern), Hawaii, New Mexico | LB&I | LB&I
    ERCS-TCC-LB&I 315-INTERNATIONAL | Any Location (including Puerto Rico) | LB&I | Area 315 (IIC)


  4. On rare occasions if access is needed to update records for an additional area or Business Operating Division (BOD), subsequent Online 5081s must be completed. Write permissions across areas requires justification in the Special Instructions Box on the Online 5081.

  5. HQ analysts, NRP analysts, whistleblower employees, and TIGTA employees must have an approved Online 5081 for ERCS-TCC-HQ ANALYSTS (ERCS) prior to requesting any other ERCS Online 5081 application. This ERCS application is routed to the HQ ERCS analysts for approval. A HQ ERCS analyst will contact the employee to determine what level of access and permissions are needed, and then will inform the employee which subsequent Online 5081 ERCS application to submit. The HQ analyst will alert the AIMS/ERCS managers in the areas impacted, and let them know that ERCS access has been granted.

  6. Information for Online 5081 applications for Statistical Sampling Inventory Validation (SSIVL), Discoverer and AIMS/ERCS staff are discussed in IRM 4.7.10, AIMS/ERCS Staff. See AIMS, ERCS, SETTS, and Discoverer Personnel Listing for Headquarters for contact information for the HQ analysts who support these programs.

Completing the Online 5081

  1. The Online 5081 for new users must contain sufficient information for the AIMS/ERCS analyst to add the employee's permissions on ERCS as this document serves as the official record of the user's approved level of access. The following information must be included in the Special Instructions Box, either by the employee, the employee's manager, or the AIMS/ERCS analyst:

    1. AIMS Assignee Code (AAC) or AACs - The Primary Business Code (PBC), Secondary Business Code (SBC), and Employee Group Code (EGC) combination for which the user needs permission in order to run reports, update records, apply time, etc. These three codes make up the 12-digit AIMS Assignee Code.

    2. Permission type - The permission types consist of read, write, first level approval, and second level approval. With read permission users can run reports and see returns in their group. Write permission gives the user the ability to generate forms and to update returns and employee records in the group. First level approval permission gives managers and acting managers the capability to approve updates made by other users in the group. Second level approval permission gives TMs the capability to approve the actions that require territory manager approval (see the note on territory manager approvals below). In general, administrative employees are given read and write permission, managers are given read and first level approval permission, and TMs are given read and second level approval permission.

      Note:

      Acting managers with inventory should not routinely be given write permission during an acting assignment and must not be given permanent write permission. Users requesting write permission should include the requested permission in the Special Instructions Box when completing (or modifying) their Online 5081 so it is included when the manager approves the form.

      Note:

      Managers may be given write permission with their TM's approval. The manager should include the requested permission in the Special Instructions Box when completing (or modifying) the Online 5081 so it is included when the TM approves the form.

      Note:

      Territory managers must approve requisitions, statute updates, and transfers or closures of a return that generate the command code AMSOC if they are made by a manager in their territory. Also, since an acting manager cannot approve work on returns in his or her own inventory, the TM may need to approve updates made to the acting manager's inventory.

    3. User type - (Group, PSP, Review (Technical Services), Sample Review, CCP, Territory, DFO, Area, or Industry). The user type determines the menu options the user sees.

    4. Length of Access - If the user needs permanent access the end date should be left blank on the Online 5081. If the user only needs temporary access, the end date should be noted on the Online 5081.

      Note:

      A login and password give the user access to the ERCS server. Permission records give the user access to run ERCS programs. A user acting for the manager on an ongoing basis may need permanent access to the server, but temporary permission to approve work during each acting assignment. A user acting for the manager for a specific period of time would only need temporary access to the server and to ERCS. The latter user would notate an end date on the Online 5081. This will ensure the user's access and permissions are deleted after the acting assignment is completed.

    5. Justification - If permissions are needed outside the user's group, function, etc. a justification must be input. Any other special instructions should be included such as detail assignment, acting assignment, etc.

      Note:

      Examiners' access to ERCS is limited to acting assignments.

ERCS Login Names and Passwords

  1. Every ERCS user is given an eight character login name consisting of the user's first initial, middle initial, the first four characters of the last name, and a two digit location code. If the user does not have a middle name, an x is substituted for the middle initial. If the user's last name is shorter than four characters, the subsequent letters of the user's first name, or the letter x, are used to make up the remaining characters. The location code is used to set the user's default printer group when the user's permissions are added to ERCS. The user may change the printer group via the "Change Printer Group" option on the ERCS Login Menu screen. As shown in the table below, the printer group set from the location code is not always the group with the same number:

    ERCS Location Codes for Login Names and Printer Groups

    Location | Location Code | Printer Group
    Maine, Massachusetts, New Hampshire, Vermont | 04 | exam04
    Connecticut, Rhode Island | 06 | exam06
    Brooklyn, New York | 11 | exam11
    Manhattan, New York | 13 | exam13
    Upstate New York | 16 | exam16
    Cincinnati Campus | 17 | exam17
    New Jersey | 22 | exam22
    Pennsylvania | 23 | exam23
    Ohio | 31 | exam31
    Southern California | 33 | exam33
    Indiana | 35 | exam31
    Illinois | 36 | exam36
    Michigan | 38 | exam38
    Iowa, Nebraska, Wisconsin | 39 | exam39
    Minnesota, North Dakota, South Dakota | 41 | exam41
    Kansas, Missouri | 43 | exam43
    Memphis Campus | 49 | exam49
    Delaware, Maryland | 52 | exam23
    Virginia, West Virginia | 54 | exam23
    North Carolina, South Carolina | 56 | exam56
    Georgia | 58 | exam65
    North Florida | 59 | exam65
    Kentucky, Tennessee | 62 | exam31
    South Florida | 65 | exam65
    Puerto Rico | 66 | exam98
    Alabama, Louisiana, Mississippi | 72 | exam72
    Arkansas, Oklahoma | 73 | exam72
    South Texas | 74 | exam74
    North Texas | 75 | exam75
    Houston, Texas | 76 | exam76
    Central California | 77 | exam77
    Colorado, Idaho, Montana, Utah, Wyoming | 84 | exam84
    Nevada | 86 | exam86
    Arizona, New Mexico | 86 | exam90
    Alaska, Oregon, Washington | 91 | exam91
    Hawaii | 91 | exam90
    Northern California | 94 | exam94
    Los Angeles | 95 | exam95
    District of Columbia | 98 | exam98
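
The login-name rule in paragraph (1) above can be written down as a short script, which is useful when checking that a requested login on an Online 5081 follows the rule. The Python below is an added illustration for this IRM, not ERCS code. It assumes, because the rule does not say, that names are reduced to lowercase letters (so apostrophes and hyphens are dropped) and that "subsequent letters of the first name" means the letters after the first initial; the sample names are constructed, and the printer-group dictionary is only a subset of the table above.

```python
"""Construct and validate ERCS login names from the rule in IRM 4.7.2.2.4.

Added illustration; not ERCS code. Assumptions (not stated in the IRM):
  * names are reduced to lowercase ASCII letters before use, so apostrophes,
    hyphens and spaces in a last name (e.g. O'Brien) are dropped;
  * "subsequent letters of the user's first name" means the letters that
    follow the first initial.
"""
import re
from typing import Optional

# six lowercase letters followed by a two-digit location code
LOGIN_PATTERN = re.compile(r"^[a-z]{6}[0-9]{2}$")

# Subset of the location-code table above, including rows where the default
# printer group is deliberately not the group with the same number.
DEFAULT_PRINTER_GROUP = {
    "04": "exam04", "13": "exam13", "22": "exam22", "35": "exam31",
    "52": "exam23", "58": "exam65", "66": "exam98", "94": "exam94", "98": "exam98",
}


def _letters(value: str) -> str:
    """Keep lowercase ASCII letters only (assumed normalisation)."""
    return re.sub(r"[^a-z]", "", value.lower())


def ercs_login_name(first: str, last: str, location_code: str,
                    middle: Optional[str] = None) -> str:
    """Return the eight-character login: first initial, middle initial,
    four characters from the last name, two-digit location code."""
    if not re.fullmatch(r"[0-9]{2}", location_code):
        raise ValueError("location code must be two digits")
    first_l, last_l = _letters(first), _letters(last)
    if not first_l or not last_l:
        raise ValueError("first and last name must each contain a letter")

    first_initial = first_l[0]
    middle_initial = _letters(middle or "")[:1] or "x"   # no middle name -> x

    stem = last_l[:4]
    if len(stem) < 4:
        # Short last name: pad with the letters of the first name that follow
        # the initial, then with x until four characters are reached.
        stem = (stem + first_l[1:])[:4].ljust(4, "x")

    return first_initial + middle_initial + stem + location_code


def is_valid_login_name(login: str) -> bool:
    """Syntactic check only: six lowercase letters followed by two digits."""
    return LOGIN_PATTERN.match(login) is not None


def default_printer_group(location_code: str) -> Optional[str]:
    """Default printer group for a location code (subset; None if unknown)."""
    return DEFAULT_PRINTER_GROUP.get(location_code)


if __name__ == "__main__":
    # Constructed sample users, not real employees.
    for args in [("John", "Public", "94", "Quincy"), ("Mary", "Li", "13"), ("Al", "Ng", "22")]:
        login = ercs_login_name(*args)
        print(login, is_valid_login_name(login), default_printer_group(args[2]))
```

The three constructed users exercise the three branches of the rule: a full name, a user with no middle name and a two-letter last name padded from the first name, and a name too short for both so that x fills the remainder.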


  2. The ERCS system prompts users to change their password every 90 days. Passwords can be changed prior to 90 days, but after 90 days the account is locked. Users must change their password when accessing ERCS for the first time and after their password has been unlocked or reset.

  3. Every user must log onto ERCS at least once every 45 days or his or her ERCS account will be locked. Once the user's ERCS account is locked, the user has an additional 15 days to contact the help desk, get the account unlocked and log into ERCS.

    Note:

    Putting a reminder in your calendar to log in every 30 days may help prevent your account from getting locked for non-use.

    Note:

    When you contact the help desk to unlock or change your password, be sure to stay on the line until you have successfully changed the temporary password and can access ERCS.

  4. ERCS accounts are locked after three unsuccessful attempts to enter a password.

  5. If the user fails to take the necessary steps to get the account unlocked and log in, the account is subject to deletion. Accounts are deleted after 60 days of non-use. To get a password reset or a deleted account re-instated, see the Password Reference Guide for ERCS in the Troubleshooting section of the AIMS/ERCS website.

  6. Passwords should be at least eight characters long and adhere to specific rules. For information on what to do when your password is locked or how to set a strong ERCS password, see the Password Reference Guide for ERCS.

  7. ERCS users are responsible for protecting their password. Passwords should never be shared.
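
The lockout and deletion rules in paragraphs (2) through (5) above interact: a password older than 90 days, more than 45 days without a login, three bad password attempts, and more than 60 days without a login each put an account in a different state. The Python below is an added illustration for this IRM, not ERCS code; it classifies account records against those rules and is the kind of check a reviewer would run over an export of accounts. It assumes that days are counted from the last successful login and last password change and that a limit is exceeded on the day after it; the five account records are constructed.

```python
"""Classify ERCS accounts against the lifecycle rules in IRM 4.7.2.2.4.

Added illustration, not ERCS code. Assumed reading of the thresholds:
  * "every 90 days", "at least once every 45 days" and "after 60 days of
    non-use" are counted in whole days from the last password change or the
    last successful login, and a limit is exceeded on the day after it;
  * a lock for failed password attempts is checked first, because it
    applies regardless of password age or activity.
"""
from dataclasses import dataclass
from datetime import date
from typing import List, Tuple

PASSWORD_MAX_AGE_DAYS = 90     # password must be changed every 90 days
INACTIVITY_LOCK_DAYS = 45      # must log in at least once every 45 days
INACTIVITY_DELETE_DAYS = 60    # deleted after 60 days of non-use (15-day window to call the help desk)
MAX_FAILED_ATTEMPTS = 3        # three bad passwords lock the account

ACTIVE = "active"
LOCKED_FAILED = "locked: failed attempts"
LOCKED_INACTIVE = "locked: inactivity"
LOCKED_EXPIRED = "locked: password expired"
DELETABLE = "subject to deletion"

TODAY = date(2015, 10, 14)     # review date used by the sample below


@dataclass
class ErcsAccount:
    login: str
    last_login: date          # last successful login
    password_set: date        # last password change
    failed_attempts: int = 0  # consecutive bad passwords since the last success


def account_status(acct: ErcsAccount, today: date) -> str:
    """Return the account's state under the rules above, most severe first."""
    if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
        return LOCKED_FAILED
    idle_days = (today - acct.last_login).days
    if idle_days > INACTIVITY_DELETE_DAYS:
        return DELETABLE
    if idle_days > INACTIVITY_LOCK_DAYS:
        return LOCKED_INACTIVE
    if (today - acct.password_set).days > PASSWORD_MAX_AGE_DAYS:
        return LOCKED_EXPIRED
    return ACTIVE


def days_remaining(acct: ErcsAccount, today: date) -> Tuple[int, int]:
    """(days left before the inactivity lock, days left before the password must change)."""
    return (INACTIVITY_LOCK_DAYS - (today - acct.last_login).days,
            PASSWORD_MAX_AGE_DAYS - (today - acct.password_set).days)


def review_accounts(accounts: List[ErcsAccount], today: date) -> List[Tuple[str, str]]:
    """Logins that are not active, with the reason: the list a reviewer would action."""
    findings = []
    for acct in accounts:
        status = account_status(acct, today)
        if status != ACTIVE:
            findings.append((acct.login, status))
    return findings


def sample_accounts() -> List[ErcsAccount]:
    """Constructed records, not real ERCS data."""
    return [
        ErcsAccount("jqpubl94", date(2015, 10, 1), date(2015, 8, 1)),                 # active
        ErcsAccount("mxliar13", date(2015, 8, 20), date(2015, 8, 20)),                # 55 idle days
        ErcsAccount("axnglx22", date(2015, 8, 1), date(2015, 8, 1)),                  # 74 idle days
        ErcsAccount("bxsmit98", date(2015, 10, 10), date(2015, 7, 1)),                # 105-day-old password
        ErcsAccount("cxjone04", date(2015, 10, 12), date(2015, 10, 12), failed_attempts=3),
    ]


if __name__ == "__main__":
    for login, status in review_accounts(sample_accounts(), TODAY):
        print(login, status)
```

Ordering matters: an account that has been idle for 55 days is reported as locked for inactivity even if its password has also expired, because that is the condition the user must resolve with the help desk first.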

Requesting a Change in Login Name

  1. When a user has a name change it may be preferable to change the ERCS login name. However, a login name does not need to be changed if a user changes locations.

  2. To change a login name submit a Modify Profile Online 5081 request for ERCS in the area the user is located. In the special instructions box input:

    • The request is for a login change

    • The current login name

    • The new login name. It must adhere to the login rules. See IRM 4.7.2.2.4 for more information about setting login names.

  3. The Online 5081 is routed to the system administrator (SA) to change the ERCS login on the ERCS system. Then it is routed to the local AIMS/ERCS staff to change the user's employee record and permissions. If the user also has one of the following ERCS applications, the user must submit a Modify Profile Online 5081 request for the application:

    • ERCS-TCC-HQ ANALYSTS (ERCS)

    • ERCS-TCC-AIMS-ERCS STAFF (ERCS)

Security Features of ERCS

  1. In addition to numerous program validation and consistency checks to ensure the data is valid, ERCS security is assured by:

    • Limited system and data access by users to ensure information is provided on a need-to-know basis.

    • Audit trail generation and review of users' activities.

    • Electronic managerial approval of certain actions.

  2. The following topics are included in this section:

    • ERCS Employee Records

    • Permissions

    • Employee Audit Security

    • Audit Trails

    • Audit Trail Review

ERCS Employee Records

  1. ERCS interfaces with the Corporate Authoritative Directory Service (CADS) to download employee information (Social Security Number (SSN) and Standard Employee Identifier (SEID)) into the ERCS database. Only data for SB/SE, LB&I, and RPO employees is downloaded. When an employee record is added to ERCS, the user enters the employee's SEID. It is validated against the downloaded employee data from CADS. If a user is unable to add a new employee to ERCS because the employee's SEID is not accepted, the user should contact the local AIMS/ERCS staff for assistance. Refer to the AIMS-ERCS Personnel Listing by State for contact information.

  2. Employee records are added by a user with write permission for the AAC of the employee assignment. This includes the administrative staff, the manager or the AIMS/ERCS staff.

  3. The information on the ERCS employee record should be entered accurately and completely. Any changes to the record should be updated as soon as they are known. ERCS employee data is used to:

    • Verify a user is authorized to access ERCS.

    • Determine if an employee is required to charge technical time.

    • Validate the employee's AAC during inventory assignment.

    • Determine if the employee should have access to the Managerial Approval menu option.

    • Determine if an employee's actions require managerial approval.

    • Protect an employee's tax return from unauthorized access.

    • Determine who should receive employee audit security alerts.

    • Determine if the employee's tax return can be audited in the area.

    • Create the ERCS audit trails.

  4. Employee records should be updated when an employee’s name changes. If an employee has been issued a pseudonym for security reasons, the pseudonym should be entered on the ERCS employee record followed by a space and the literal XX. This will alert the AIMS/ERCS staff that the name on the employee records is not the employee’s real name.

  5. ERCS employee records should be inactivated when the employee leaves the Service or transfers within the Service to a non-ERCS position. If the employee’s time is entered on ERCS, the end date on the employee record must be set to the last day the employee is required to enter time on ERCS. Otherwise, the last day the employee is active should be entered for the employee’s end date. The login name should not be removed from the ERCS employee record when an employee record is inactivated. It is a link to the ERCS audit trails.

Permissions

  1. Permission records determine what menu options are available to a user within the ERCS Main Menu. They also give users the ability to run reports, update employee records and returns, input time, and approve work.

  2. The permission types are read, write, first level approval, and second level approval. Managerial approval can be restricted so the user can only approve updates by return. Permission records are based on AACs. For example, a group manager may be given read and first level approval permissions for the group's AAC. A CCP user in Memphis may be given read and write permission for returns in Memphis CCP.

  3. ERCS programs use the user's permission records with the ERCS national status code files to restrict access based on the status code on the return. For example, a group user may only update returns in a group status. CCP users may only update returns in a CCP status. See Document 6036, Examination Division Reporting System Codes Booklet for a list of status codes used by examination.

  4. Permission records are added by the AIMS/ERCS staff. They can delegate approval permissions for an acting manager as long as the employee has an active login and password to the system. Approval permissions should only be granted for as long as the acting assignment. Managers can delegate temporary approval permissions for their group to another manager.

  5. For permanent permission changes within the same area, the user is required to submit a Modify Profile request via the Online 5081. A temporary or emergency permission change within the same area may be granted by the user's AIMS/ERCS analyst. The request should be made by the user’s manager via e-mail, memorandum (documentation to be determined locally), or Online 5081. For emergency permissions not covered in these instructions, contact a HQ ERCS analyst.

  6. If an employee acts for his or her manager, the employee's permission records should be granted with a beginning date and an ending date covering the acting assignment. If the acting assignment ends early, the permission records should be updated to the correct end date. But the employee's employee record should remain active.

  7. When an employee record is inactivated, the ERCS program updates the employee's permission records to end on the employee's inactivation date.

  8. If an ERCS user no longer needs ERCS access due to a change in position or duties, a delete Online 5081 must be input.

  9. If an ERCS user is suspended from active duty the manager should either input a delete Online 5081 for the user’s ERCS access or a Modify Profile Online 5081 request to delete the user’s permissions during the time of the suspension.
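
Paragraphs (1) through (9) above describe permission records as AAC-scoped grants with a permission type and a date range, and the note in IRM 4.7.2.2.3 adds that an acting manager cannot approve work on returns in his or her own inventory. The Python below is an added illustration for this IRM, not ERCS code, showing how those rules combine: a temporary first level approval grant for an acting assignment, an early end to that assignment, and inactivation of an employee record closing every open permission on the inactivation date. It treats the AAC as an opaque 12-digit string and assumes a record is active on its begin and end dates inclusive; the logins, AAC and dates are constructed.

```python
"""Model of ERCS permission records with effective dates (IRM 4.7.2.3.2).

Added illustration; not ERCS code. Assumptions: an AAC is handled as an
opaque 12-digit string; a record with no end date is permanent (blank end
date on the Online 5081); a record is active on its begin and end dates
inclusive; all logins, AACs and dates below are constructed.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Set, Tuple

READ, WRITE, FIRST_APPROVAL, SECOND_APPROVAL = "read", "write", "first", "second"

AAC_GROUP = "201123450001"                                  # constructed group AAC
ACTING_BEGIN, ACTING_END = date(2015, 10, 1), date(2015, 10, 14)
INACTIVATION_DAY = date(2015, 10, 10)


@dataclass
class PermissionRecord:
    login: str
    aac: str
    perm: str
    begin: date
    end: Optional[date] = None   # None = permanent

    def active_on(self, day: date) -> bool:
        return self.begin <= day and (self.end is None or day <= self.end)


def _check_aac(aac: str) -> None:
    if len(aac) != 12 or not aac.isdigit():
        raise ValueError("AAC must be the 12-digit PBC/SBC/EGC combination")


def effective_permissions(records: List[PermissionRecord], login: str,
                          day: date) -> Set[Tuple[str, str]]:
    """(AAC, permission type) pairs the login holds on the given day."""
    return {(r.aac, r.perm) for r in records if r.login == login and r.active_on(day)}


def can_approve(records: List[PermissionRecord], approver: str, aac: str, day: date,
                *, return_holder: Optional[str] = None, level: str = FIRST_APPROVAL) -> bool:
    """True if the approver holds the approval level for the AAC on that day.
    Work on a return in the approver's own inventory is never self-approved."""
    if return_holder is not None and return_holder == approver:
        return False
    return (aac, level) in effective_permissions(records, approver, day)


def grant_acting_approval(records: List[PermissionRecord], login: str, aac: str,
                          begin: date, end: date) -> PermissionRecord:
    """Temporary first level approval for an acting assignment; both dates required."""
    _check_aac(aac)
    if end < begin:
        raise ValueError("acting assignment must end on or after it begins")
    rec = PermissionRecord(login, aac, FIRST_APPROVAL, begin, end)
    records.append(rec)
    return rec


def end_acting_early(records: List[PermissionRecord], login: str, aac: str,
                     new_end: date) -> int:
    """Assignment ended early: pull the approval end date in. Returns records changed."""
    changed = 0
    for r in records:
        if (r.login == login and r.aac == aac and r.perm == FIRST_APPROVAL
                and r.end is not None and r.end > new_end):
            r.end = new_end
            changed += 1
    return changed


def inactivate_employee(records: List[PermissionRecord], login: str, end_date: date) -> int:
    """Employee record inactivated: every open or later-ending permission ends that day."""
    changed = 0
    for r in records:
        if r.login == login and (r.end is None or r.end > end_date):
            r.end = end_date
            changed += 1
    return changed


def sample_records() -> List[PermissionRecord]:
    """Constructed: a group manager (read + first level approval) and an
    administrative employee (read + write), all permanent."""
    start = date(2015, 1, 1)
    return [
        PermissionRecord("mxliar13", AAC_GROUP, READ, start),
        PermissionRecord("mxliar13", AAC_GROUP, FIRST_APPROVAL, start),
        PermissionRecord("jqpubl94", AAC_GROUP, READ, start),
        PermissionRecord("jqpubl94", AAC_GROUP, WRITE, start),
    ]


def run_scenario() -> Dict[str, object]:
    """Acting assignment, early end, then inactivation; results keyed for checking."""
    recs = sample_records()
    out: Dict[str, object] = {}
    out["admin_cannot_approve"] = not can_approve(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 5))
    grant_acting_approval(recs, "jqpubl94", AAC_GROUP, ACTING_BEGIN, ACTING_END)
    out["acting_can_approve"] = can_approve(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 5))
    out["acting_own_inventory"] = can_approve(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 5),
                                              return_holder="jqpubl94")
    out["after_assignment"] = can_approve(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 20))
    out["early_end_updated"] = end_acting_early(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 7))
    out["after_early_end"] = can_approve(recs, "jqpubl94", AAC_GROUP, date(2015, 10, 8))
    out["records_closed"] = inactivate_employee(recs, "mxliar13", INACTIVATION_DAY)
    out["manager_after_inactivation"] = can_approve(recs, "mxliar13", AAC_GROUP, date(2015, 10, 11))
    return out
```

Two design points follow the IRM rather than convenience: the acting grant refuses an open-ended end date, matching the requirement that acting permissions carry both dates, and inactivation changes only the permission records while leaving the employee record (and its login, which links to the audit trails) in place.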

  10. Menu Options 11 through 19 (on the ERCS Login Menu) are granted via special Online 5081s. These Online 5081s go through the HQ ERCS analysts or the HQ SSIVL analysts for approval and to add the special permissions enabling the user to access the menu options. These options are described below:

    Menu Option Number | Menu Option | Required Position | Online 5081 Application | Description
    11 | AIMS/ERCS Analyst Menu | AIMS/ERCS staff | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu contains options to aid in the support of ERCS end-users.
    12 | SSIVL | Analysts from SB/SE, LB&I, Tax Exempt/Government Entities, and Wage & Investment | SSIVL-### | This menu contains programs associated with SSIVL including extracting data and maintaining the SSIVL AAC list.
    13 | SSIVL for CCP | Analysts and administrative staff in CCP | SSIVL-CCP-### | This menu contains programs associated with SSIVL including extracting data and running reports.
    14 | Check Mail | Security Officers, PSP Chiefs, AIMS/ERCS staff | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This option allows users to read ERCS system e-mail.
    15 | AIMS Download | AIMS/ERCS staff | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu contains the ERCS to AIMS Uploading Programs.
    16 | National Codes | HQ ERCS analysts | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu allows users to validate new codes and update national files.
    17 | SETTS | AIMS/ERCS staff | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu contains the Summary Examination Time Transmission System (SETTS) programs.
    18 | User Administration | HQ ERCS analysts | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu contains options for granting access to menu options included in this table.
    18 | User Administration | SSIVL analysts | SSIVL-ADMIN | This menu contains options for granting access to SSIVL.
    19 | Security | Security officers and AIMS/ERCS managers and analysts | ERCS-TCC-AIMS-ERCS STAFF (ERCS) | This menu contains options for reading ERCS audit trails.

Recommended Permissions

  1. Permission records are granted to users based on user type and permission type. The nine user types include:

    User Type | Users
    PSP | Planning and Special Programs Section Chiefs, analysts, Program Coordinators, and administrative staff
    Group | Examination group or team managers and administrative staff
    Territory | Territory managers and administrative staff
    DFO | Directors of Field Operations and administrative staff
    Area/Industry | Area Directors, Industry Directors, and administrative staff
    Review | Technical Services and Joint Committee Review managers, analysts, and administrative staff
    Sample Review | National Quality Review Staff, Quality Measures and Analysis, LB&I Quality Measurement System managers and administrative staff
    CCP | Centralized Case Processing managers, analysts, and administrative staff
    Admin | AIMS/ERCS managers, analysts, and assistants. The Admin user has permission to run ERCS as any user type in order to provide support for the end-users.

    Note:

    For information about the menu options available to each user type, see the Main Menu chapter of the ERCS Technical Reference Manual (TRM).

  2. Read permission is granted to all ERCS users. Write and approval permission should be granted only to the extent the user needs it to perform their job.

  3. Group administrative staff (Position Code 400) need read and write permission as a Group user for the AAC to which they are assigned and for any other AAC in which they must assist with updating returns, running reports, and inputting time.

  4. Group managers and LB&I team managers need read and first level approval permission as a Group user for the AAC to which they are assigned and for any other AAC in which the manager must assist in approving updates to returns. A group or an LB&I team manager may also be given write permission if the territory manager is in agreement.

  5. PSP administrative staff (Position Code 400) need read and write permission as a PSP user for the AAC to which they are assigned and for any other AAC in which the employees must assist in updating returns, running reports and inputting time. Depending on their duties the employee may be given permission for all PSP in the area or for individual AACs in PSP.

  6. In SB/SE, PSP Section Chiefs and/or the Program Coordinators (depending on local procedures) need read and first level approval permission as a PSP user for the AACs in their control. The PSP Program Coordinators should consult with the Section Chief before requesting write permission, since some updates input by the Program Coordinator require second level approval. In LB&I, PSP analysts need read and first level approval permission as a PSP user for the AACs in their control.

  7. PSP Territory Managers and/or the PSP Section Chiefs (depending on local procedures) need read and second level approval permission for PSP in the area.

  8. Non-managers in CCP may be given read and write permission for CCP AACs as needed to perform their duties. Users bringing in and assigning inventory need write permission for the CCP campus in order to update unassigned returns.

  9. CCP managers may be given read, write, and first level approval permission as a CCP user for their AAC.

  10. Department managers in CCP need read permission for the CCP campus, and may be given second level approval permission, as needed.

  11. TS administrative staff (Position Code 400) may be given read and write permission for their review AACs. Users bringing in and assigning inventory need write permission for the review territory in order to update unassigned returns. TEs in TS (Position Code 327) may be given read and write permissions for their review AACs, if needed in order to perform their official duties.

  12. TS managers may be given read and first level approval permission as a review user for the review territory.

  13. Territory managers in TS may be given write, first and second level approval permission, as needed.

  14. Sample review managers and administrative staff need read and write permission for their sample review AACs.

  15. AIMS/ERCS staff need read and write permission for their area and for the areas or industries they support in specialty and LB&I. Temporary approval permissions may be given to AIMS/ERCS staff, as needed.

  16. HQ SB/SE and LB&I analysts may be granted read permission for multiple areas if access is required to perform their official duties. See also IRM 4.7.2.2.1 (7) for additional information.

  17. HQ ERCS analysts may be granted read and write permission, as needed, in order to perform their official duties.

Employee Audit Security

  1. An employee audit occurs when the tax return of an Internal Revenue Service employee is examined. ERCS provides special security features for employee returns under audit. When any of the following events occur, an audit trail is created and an ERCS system e-mail alert is generated:

    • A user enters his or her SSN or the SSN of a spouse (if a joint return was filed).

    • The source code on a return is changed to or from Source Code 46, "Employee Return".

    • The "Employee Audit" indicator is toggled (turned on or off) on a return.

    • An unauthorized user attempts to access an employee's return.

    • A user attempts to add an employee return to ERCS for an employee who should not be audited in the same area.

    • An employee's return is on AIMS and, during AIMS to ERCS processing, the program attempts to add the return to ERCS in an area where the employee should not be audited.

    • A high profile employee's return (such as the Security Officer's) is added to ERCS.

  2. If there is a Security Officer with ERCS access for the area, the employee audit e-mail is sent to the Security Officer. Otherwise the ERCS system e-mail is sent to the PSP TM. See IRM 4.7.5, Planning and Special Programs (PSP), for more information about the employee audit e-mail.

    Note:

    ERCS system e-mail is sent and received on the ERCS server.

  3. Not all employee audit alerts are an indication the user is doing something inappropriate. For example, alerts may be generated when a user accesses an employee's return by taxpayer identification number (TIN), and the program finds one tax period assigned to the user's group and one tax period controlled in another group or function. An alert will be generated for the tax period that is not in the user's group. Some alerts are an indication of inappropriate access, for example, when a user enters his or her own SSN. See Employee Audits on the AIMS/ERCS website for more information.

  4. Employee returns are not included on ERCS reports and screens if the user is not authorized to see the data. In general, this means the return must be assigned to the user's group or function before the user may see the return information. Once a return is transferred or closed, the user no longer has permission to view the return. Users are not notified when an employee audit alert is generated for their access.

  5. For more information about employee audit security features refer to the Security chapter of the ERCS Technical Reference Manual.

Audit Trails

  1. An ERCS audit trail is a record of an event initiated by a user or program on the ERCS server. The event can be anything from execution of a program to accessing or changing data. Audit trails can be used to research when changes were made to data, and to determine who input or approved the changes. Audit trails can also detect potential unauthorized access or suspicious activities.

  2. ERCS captures audit trail information for the following events:

    • Addition or deletion of taxpayer records.

    • Modification and managerial approval for selected updates to return information.

    • Research of taxpayer records.

    • Addition of employee records.

    • Modification of selected employee information.

    • Addition, deletion or modification of ERCS permissions.

    • User access to the ERCS Main Menu.

    • Selected events regarding employee returns under audit.

  3. The event information captured in an ERCS audit trail includes, but is not limited to, the following:

    • The time and date of the event.

    • The user identification.

    • The approver’s identification, if the action required approval.

    • The type of activity (add, update, research, etc.).

    • The data that was accessed or changed.

    • The program that was executed.

  4. Audit trail information may be accessed from special ERCS menus by AIMS/ERCS analysts, HQ ERCS analysts, and designated system security officers. Managers should consult their local AIMS/ERCS staff for assistance if information from an ERCS audit trail is needed. For more information about ERCS audit trails refer to the Read Audit Trails section of the Utility Miscellaneous Programs chapter of the ERCS TRM. For information about the responsibilities of the AIMS/ERCS staff regarding the ERCS audit trails, see IRM 4.7.10, Examination Returns Control System (ERCS), AIMS/ERCS Staff.
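The following is an added example, not ERCS code, that models the two preceding sections together: an audit trail record carrying the event fields listed under Audit Trails, and the employee audit alert conditions from Employee Audit Security applied to such records, including the benign cross-group case and the inappropriate own-SSN case from paragraph (3), and the visibility rule from paragraph (4). Source Code 46 is taken from the page; every field name, user, AAC, and SSN value below is a constructed assumption.

```python
"""Model of ERCS-style audit trail records and employee audit alert rules.

Added illustrative example (not ERCS code). Field names, sample events,
users, AACs and identifiers are constructed assumptions; only Source Code 46,
"Employee Return", comes from the IRM text.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime
from typing import Optional

EMPLOYEE_RETURN_SOURCE_CODE = "46"  # Source Code 46, "Employee Return" (from the page)


@dataclass
class AuditEvent:
    """One audit trail record: the event fields listed under Audit Trails (names assumed)."""
    timestamp: datetime
    user_id: str
    activity: str                    # type of activity: "add", "update", "research", "menu"
    program: str                     # program that was executed
    approver_id: Optional[str] = None  # present only if the action required approval
    data: dict = field(default_factory=dict)  # data that was accessed or changed


@dataclass
class UserContext:
    """What the alert logic needs to know about the acting user (constructed)."""
    user_id: str
    ssn: str
    spouse_ssn: Optional[str]
    group_aac: str                   # the AAC controlled by the user's group


def employee_audit_alerts(event: AuditEvent, user: UserContext) -> list[tuple[str, str]]:
    """Apply the employee audit alert conditions to one event.

    Returns (rule, classification) pairs. 'inappropriate' marks the case the
    page calls out as inappropriate (user enters own or spouse SSN); 'review'
    marks alerts that need a reviewer because they may be benign, such as a
    tax period of an employee return controlled by another group.
    """
    alerts: list[tuple[str, str]] = []
    d = event.data
    tin = d.get("tin")
    if tin and tin in (user.ssn, user.spouse_ssn):
        alerts.append(("own_or_spouse_ssn_entered", "inappropriate"))
    old_sc, new_sc = d.get("source_code_old"), d.get("source_code_new")
    if old_sc != new_sc and EMPLOYEE_RETURN_SOURCE_CODE in (old_sc, new_sc):
        alerts.append(("source_code_46_changed", "review"))
    if "employee_audit_indicator" in d:
        alerts.append(("employee_audit_indicator_toggled", "review"))
    # Research on an employee return: one alert per tax period outside the user's group.
    if d.get("employee_return"):
        for period in d.get("tax_periods", []):
            if period["aac"] != user.group_aac:
                alerts.append((f"unauthorized_access_{period['period']}", "review"))
    return alerts


def visible_periods(event: AuditEvent, user: UserContext) -> list[str]:
    """Tax periods the user may see: for an employee return, only those in their own group."""
    periods = event.data.get("tax_periods", [])
    if not event.data.get("employee_return"):
        return [p["period"] for p in periods]
    return [p["period"] for p in periods if p["aac"] == user.group_aac]


def summarize(events: list[AuditEvent], users: dict[str, UserContext]) -> dict:
    """Run the rules over a trail, counting alerts per classification and listing
    users with any 'inappropriate' alert (what a Security Officer reads first)."""
    counts = {"inappropriate": 0, "review": 0}
    flagged: set[str] = set()
    for ev in events:
        for _rule, cls in employee_audit_alerts(ev, users[ev.user_id]):
            counts[cls] += 1
            if cls == "inappropriate":
                flagged.add(ev.user_id)
    return {"counts": counts, "flagged_users": sorted(flagged)}


# Constructed sample data; none of these are real identifiers or source codes.
USERS = {
    "u100": UserContext("u100", ssn="000-00-0001", spouse_ssn="000-00-0002", group_aac="AAC-A"),
    "u200": UserContext("u200", ssn="000-00-0003", spouse_ssn=None, group_aac="AAC-B"),
}
EVENTS = [
    # Benign: research by TIN finds one period in the user's group and one in another group.
    AuditEvent(datetime(2015, 10, 14, 9, 0), "u100", "research", "research_by_tin",
               data={"tin": "000-00-0099", "employee_return": True,
                     "tax_periods": [{"period": "201312", "aac": "AAC-A"},
                                     {"period": "201412", "aac": "AAC-B"}]}),
    # Inappropriate: the user enters a spouse's SSN.
    AuditEvent(datetime(2015, 10, 14, 9, 5), "u100", "research", "research_by_tin",
               data={"tin": "000-00-0002"}),
    # Approved update changing a return's source code to 46 ("NN" is a placeholder old code).
    AuditEvent(datetime(2015, 10, 14, 10, 0), "u200", "update", "update_return",
               approver_id="m200", data={"source_code_old": "NN", "source_code_new": "46"}),
]

if __name__ == "__main__":
    print(summarize(EVENTS, USERS))
```

Run as a script it prints the alert counts and the flagged user for the constructed trail. The classification field is the point of the example: the same rule set produces both the benign cross-group alert and the own-SSN alert the page describes, so a reviewer reading the trail needs the user's group assignment alongside the event to tell them apart.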

Audit Trail Review

  1. All modernized IRS systems containing taxpayer data, like ERCS, are required to send their system and program audit trails to the Security Audit and Analysis System (SAAS). Audit trail repositories like SAAS aid the IRS and TIGTA in detecting potential unauthorized accesses to IRS systems and data.

  2. Security specialists from Cybersecurity are responsible for performing the review of audit trails sent to SAAS. Reports from SAAS are also sent to HQ ERCS analysts for review.

  3. Refer to IRM 10.8.2, Information Technology (IT) Security, IT Security Roles and Responsibilities, for more information including actions to take for suspected security incidents.

System Security Responsibilities

  1. Ensuring the security of ERCS is the responsibility of every user and support personnel including the AIMS/ERCS staff, the ERCS system and database administrators, and the ERCS developers.

ERCS User Responsibilities

  1. All users are responsible for ensuring the security of the ERCS system. This includes but is not limited to the following:

    • Protecting ERCS passwords. (Passwords should not be shared with anyone. Passwords should not be written down and left for others to see.)

    • Creating strong passwords.

    • Removing Smart Cards before leaving work stations.

    • Promptly picking up ERCS prints from printers in common areas.

    • Updating and approving work timely and accurately.

    • Protecting taxpayer data from unauthorized access.

    • Reporting security incidents to the proper authorities in a timely manner.

AIMS/ERCS Staff Responsibilities

  1. In addition to user responsibilities, the AIMS/ERCS staff security responsibilities include but are not limited to the following:

    • Ensuring users have met the pre-requisites before approving their Online 5081s for ERCS access.

    • Granting user permissions based on and limited to the user’s official duties.

    • Training and/or providing job aids to new users regarding their security responsibilities.

    • Ensuring the continued integrity of the ERCS database. This includes reviewing and correcting data issues and participating in operational reviews based on IRM requirements and local procedures.

System and Database Administrator Responsibilities

  1. Responsibilities of the ERCS system administrator include but are not limited to:

    • Ensuring all security features are installed and operating properly on the ERCS server.

    • Processing Online 5081s for ERCS and SSIVL access to add or delete users from the system.

    • Resetting passwords for users with locked or forgotten passwords.

    • Working OS GetServices tickets to resolve ERCS system related user issues.

  2. Responsibilities of the database administrator include but are not limited to:

    • Ensuring all Oracle security features are installed and operating properly.

    • Processing Online 5081 requests to reset ERCS Discoverer passwords.

    • Working OS GetServices tickets to resolve ERCS database related issues.

Getting Assistance

  1. Users experiencing ERCS or SSIVL program problems or questions are to seek assistance from their local AIMS/ERCS staff. If the AIMS/ERCS staff cannot resolve the user's issue, the AIMS/ERCS staff will determine whether an OS GetServices ticket needs to be input. For ERCS access or ERCS program issues the ticket must be input by the AIMS/ERCS staff.

    Note:

    The AIMS/ERCS Personnel Listing by State article on the AIMS/ERCS website contains links to help users find the correct AIMS/ERCS contact list based on the user’s location.

  2. Users experiencing ERCS or SSIVL locked or forgotten password issues should contact the Enterprise Service Desk at 1-866-743-5748, Option 2 (Information Technology Service Desk).

  3. Users experiencing Discoverer locked or forgotten password issues should submit a "Reset Application Password" request via their Discoverer Online 5081.

  4. For information on current issues impacting ERCS refer to the Troubleshooting section on the AIMS/ERCS website. For information on current changes or updates impacting AIMS and ERCS refer to the What’s New section on the AIMS/ERCS website.

  5. For information on running the ERCS programs or on error messages received running ERCS, refer to the ERCS User Handbooks in the ERCS Manuals section of the AIMS/ERCS website.

Resources

  1. The following resource documents contain information regarding IRS security requirements and ERCS programs related to creating and reading ERCS audit trails:

    • IRM 10.8.1, Information Technology (IT) Security, Policy and Guidance

    • Security chapter of the ERCS Technical Reference Manual

    • Read Audit Trails section of the Utility Miscellaneous Programs chapter of the ERCS TRM

  2. The AIMS/ERCS website contains helpful information to resolve problems and answer questions. The following types of information are available:

    • ERCS Manuals - this section contains the ERCS user handbooks and the ERCS Technical Reference Manual. The manuals describe the menu options, screens, reports, etc.

    • AIMS IRM and ERCS IRM

    • Troubleshooting - this section has information on current issues such as setting up an ERCS ICON, password issues, adding an ERCS printer, etc.

    • Contacts - this section contains contact information for AIMS/ERCS Personnel, Area Office/Campus (area and campus program contacts), Employee Group Code (contacts for each area and campus AAC), LB&I Contact, etc.